Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Wireshark question

Avatar of neil4933
neil4933 asked on
NetworkingNetwork AnalysisTCP/IP
5 Comments1 Solution1122 ViewsLast Modified:
Hi

I am trying to use Wireshark to trace a conversation between a server and client. I ran the Wireshark capture and have the file in front of me. But I have some questions I was hoping experts could help with;

i) I want to view the source and destination ports.... I went to "Edit Preferences" and added a column for Source Port and Destination Port. But - in the view, they are labelled as "New Column" and "New Column", the option to name the Column in "Edit Preferences" is greyed out, anyone know how to change this?

ii) When the capture starts, for the Columns I added, sometimes I can see the port number, sometimes the name of the procotol (I assume that's what it is)...how can I change it so that only the port NUMBER is displayed?

iii) I would like to see which device intiated a conversation. Sure, I can see Source IP and Destination IP, however I don't know which one actually started the conversation. I assume I need to look at the "Info" tab, there are entries there such as "ACK" and "PSH, ACK" - does anyone know how these can help me?

iv) Also in info, I can see the "Seq" number, and the "Ack" number, what do these relate to?

v) Is there any way to right click a packet and view the entire conversation related to that packet (as in highlight the entries in the display)

Any help would be much appreciated!!!!
ASKER CERTIFIED SOLUTION
Avatar of noci
nociSoftware Engineer
Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answers